Slashdot Mirror

← Back to Stories (view on slashdot.org)

Ask Slashdot: Dealing With Companies With Poor SSL Practices?

Posted by timothy on from the stochastic-protection dept.

An anonymous reader writes Despite recent highly-publicized hacking incidents making the news, companies continue to practice poor cyber-security. I signed-up to buy something from [an online vendor] and upon completing signup through HTTPS, was sent my username and password in plain-text through e-mail. This company has done everything in its power to avoid being contacted for its poor technical practices, including using GoDaddy's Domains By Proxy to avoid having even WHOIS information for their webmaster's technical contact from being found. Given such egregious behavior, what do you do when you're left vulnerable by companies flagrantly violating good security practice?

1 of 141 comments (clear)

  1. Hacking by axlash · · Score: 2, Funny

    If their security is so bad, you should be able to hack into their network.

    Once you've done so, post the story of the hacking on the internet.

    Nothing like public embarassment to make them clean up their security practices.

    --
    Deal with reality - the world as it is - rather than ideality - the world as you would like it to be.